Abstract
This work demonstrates the feasibility of building a PIR system with performance similar to non-PIR systems in real situations. Prior Chor PIR systems have chosen block sizes that are theoretically optimized to minimize communication. This (ironically) reduces the throughput of the resulting system by roughly 50x. We constructed a Chor PIR system called upPIR that is efficient by choosing block sizes that are theoretically suboptimal (from a communications standpoint), but fast and efficient in practice. For example, an upPIR mirror running on a threeyear- old desktop provides security updates from Ubuntu 10.04 (1.4 GB of data) fast enough to saturate a T3 link. Measurements run using mirrors distributed around the Internet demonstrate that a client can download software updates with upPIR about as quickly as with FTP.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Cappos, J., Samuel, J., Baker, S., Hartman, J.: A Look in the Mirror: Attacks on Package Managers. In: CCS 2008, pp. 565–574. ACM, New York (2008)
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private Information Retrieval. Journal of the ACM 45, 965–982 (1998)
Ding, X., Yang, Y., Deng, R., Wang, S.: A new hardware-assisted PIR with O(n) shuffle cost. International Journal of Information Security 9, 237–252 (2010), 10.1007/s10207-010-0105-2
Ostrovsky, R., Shoup, V.: Private information storage (extended abstract). In: STOC, pp. 294–303 (1997)
Kushilevitz, E., Ostrovsky, R.: Replication is not needed: single database, computationally-private information retrieval. In: FOCS 1997, pp. 364–373 (October 1997)
Beimel, A., Ishai, Y., Kushilevitz, E., François Raymond, J.: Breaking the O(n 1/(2k-1)) Barrier for Information-Theoretic Private Information Retrieval. In: FOCS 2002, pp. 261–270 (2002)
Cachin, C., Micali, S., Stadler, M.: Computationally private information retrieval with polylogarithmic communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 402–414. Springer, Heidelberg (1999)
Asonov, D., Freytag, J.-C.: Almost Optimal Private Information Retrieval. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 209–223. Springer, Heidelberg (2003)
Ambainis, A.: Upper bound on communication complexity of private information retrieval. In: Degano, P., Gorrieri, R., Marchetti-Spaccamela, A. (eds.) ICALP 1997. LNCS, vol. 1256, pp. 401–407. Springer, Heidelberg (1997)
Achieving Practical Private Information Retrieval (Panel @ Securecomm 2006), http://www.cs.sunysb.edu/~sion/research/PIR.Panel.Securecomm.2006/
Sion, R.: On the Computational Practicality of Private Information Retrieval. In: NDSS 2007 (2007)
Olumofin, F., Goldberg, I.: Revisiting the computational practicality of private information retrieval. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 158–172. Springer, Heidelberg (2012)
Cappos, J.: Avoiding Theoretical Optimality to Efficiently and Privately Retrieve Security Updates (full version). Technical Report TR–CSE–2013–01, Department of Computer Science and Engineering, NYU Poly (February 2013)
AWS Instance Types, http://aws.amazon.com/ec2/#instance
White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An Integrated Experimental Environment for Distributed Systems and Networks. In: Proc. 5th OSDI, Boston, MA, pp. 255–270 (December 2002)
Emulab d710 Node Type Information, https://www.emulab.net/shownodetype.php3?node_type=d710
Yoshida, R., Cui, Y., Shigetomi, R., Imai, H.: The practicality of the keyword search using PIR. In: ISITA 2008, pp. 1–6 (December 2008)
Sassaman, L., Preneel, B., Esat-cosic, K.U.L.: The Byzantine Postman Problem: A Trivial Attack Against PIR-based Nym Servers. Technical report, ESAT-COSIC 2007-001 (2007)
Melchor, C., Crespin, B., Gaborit, P., Jolivet, V., Rousseau, P.: High-Speed Private Information Retrieval Computation on GPU. In: SECURWARE 2008, pp. 263–272 (August 2008)
Compare of Intel E5506 to E5345, http://ark.intel.com/Compare.aspx?ids=37096,28032
Khoshgozaran, A., Shirani-Mehr, H., Shahabi, C.: SPIRAL: A Scalable Private Information Retrieval Approach to Location Privacy. In: MDMW 2008 (2008)
Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS 2008, pp. 139–148. ACM, New York (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cappos, J. (2013). Avoiding Theoretical Optimality to Efficiently and Privately Retrieve Security Updates. In: Sadeghi, AR. (eds) Financial Cryptography and Data Security. FC 2013. Lecture Notes in Computer Science, vol 7859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39884-1_33
Download citation
DOI: https://doi.org/10.1007/978-3-642-39884-1_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-39883-4
Online ISBN: 978-3-642-39884-1
eBook Packages: Computer ScienceComputer Science (R0)